package com.dzsw.camunda.config;

import cn.dev33.satoken.interceptor.SaRouteInterceptor;
import cn.dev33.satoken.router.SaRouter;
import cn.dev33.satoken.stp.StpUtil;
import com.dzsw.camunda.interceptor.LoginHandlerInterceptor;
import com.dzsw.camunda.interceptor.WhiteIpInterceptor;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

import javax.annotation.Resource;
import java.util.List;

@Configuration
public class SaTokenConfig implements WebMvcConfigurer {

    @Resource
    private FyConf fyConf;

    @Override
    public void addInterceptors(InterceptorRegistry registry) {

        registry.addInterceptor(new WhiteIpInterceptor(fyConf.getWhiteIpList())).addPathPatterns("/**");
        registry.addInterceptor(new LoginHandlerInterceptor()).addPathPatterns("/**");
        // 注册Sa-Token的路由拦截器，并排除登录接口或其他可匿名访问的接口地址 (与注解拦截器无关)
        registry.addInterceptor(new SaRouteInterceptor((req, res, handler)->{
            System.out.println("route");
            // 登录验证 -- 拦截所有路由，并排除/user/doLogin 用于开放登录
            SaRouter.match("/**", "/demo/doLogin", () -> StpUtil.checkLogin());
            // 根据路由划分模块，不同模块不同鉴权
            SaRouter.match("/demo/**", () -> StpUtil.checkRole(fyConf.getRoleRegion()));
            SaRouter.match("/demo1/**", () -> StpUtil.checkRole(fyConf.getRoleCity()));
            SaRouter.match("/demo2/**", () -> StpUtil.checkRole(fyConf.getRoleManager()));
        })).addPathPatterns("/**");
    }
}
